Question

Why do I have to upgrade my master UCS first?

Answer

With new versions of UCS there might be changes in the LDAP schema happening. As the master server is the only authoritative one it always holds the valid up-to-date data. Upgrading a backup with implementing a new schema would cause sort of “split-brain” issues as the backup would have a newer schema as the master and none of these two would be able to decline other’s information.

Note This is valid for errata updates, too. Even though UCS does not check it.
Note2 This is also valid for member servers even though they do not have a local copy of ldap, but some clients might request newer attributes than the master has.

In practice you might be able to mix update order but it is strongly not recommended and if you do so it is at your own risk.